Skip to main content
close search
site logo
Dive Brief

What nightmares run on: Robots are vulnerable to ransomware too

Published March 12, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
SoftBank

Dive Brief:

  • Robots may become the new vehicle for ransomware, according to an IOActive report. In lieu of encrypting data, hackers could exploit the software operating robots in exchange for a ransom. By doing so, the infected robot becomes non-operational until the ransom is paid. Working robots, like SoftBank's Pepper, could heavily cost a company if its robots were non-operational for long periods of time.

  • IOActive constructed a proof of concept ransomware to exploit a robot's "undocumented function that allows remote command execution," according to IOActive. A hacker must "infect *.so module files" to disable administrative features, change the robot's root password and "disrupt factory reset mechanism[s]." Hackers then need to tell the command and control server of the infection and infect the files where custom code, or the code used to "execute" actions, is stored.

  • As of right now, most robots on the market don't have a fix, a patch for the flaw or a quick factory reset. Instead, owners of a potentially compromisable robot need to send it back to the manufacturer, which extends the period of time the robot is non-operational.

Dive Insight:

Robots have an increased presence in everyday technology and hackers could take note. In 2017, IOActive found about 50 flaws in robots from varying vendors.

Hackers could exploit those vulnerabilities to spy through a robot's microphone or camera, steal data or even cause "physical harm," according to the report.

Traditional ransomware targets and encrypts a victim's data. But ransomware for robots encrypts and blocks the software they run on, stalling a robot's functionality. When a potential victim is faced with paying a ransom or losing operational capabilities, they will likely choose the payment option, particularly if they don't have backups in place. 

Cybercrimes are already costing companies up to $2.4 million per attack but ransomware executed via robots may be even more costly. Because companies are increasing their reliance on robots, rendering them non-operational could take a toll on almost all aspects of a business: IT, supply chain, customer assistance, etc.

Ransomware execution is increasing in effectiveness and frequency. Experts agree that ransomware distributed through drive-by downloads with self-propagating properties is maturing

Recommended Reading

Filed Under: Security, Future Tech

Editors' picks

Company Announcements

View all | Post a press release
NeuBird Secures $22.5M in Funding, Announces General Availability of Hawkeye: An AI Teammate f…
From NeuBird
December 11, 2024
Celonis Appoints Benoit Fouilland as Chief Financial Officer to Drive Next Phase of Growth
From Celonis
December 05, 2024
Welo Data Launches Innovative Model Assessment Suite, Advancing Multilingual Causal Reasoning …
From Welocalize, Inc.
December 17, 2024
Graphiant Unveils Revolutionary Data Assurance Offering
From Graphiant
December 09, 2024
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.